"The PC-BSD team is pleased to announce the availability of PC-BSD 1.4 (da Vinci edition)! This release is made available via the efforts of many developers and testers, who have spent the past months refining and improving upon the core PC-BSD experience." This release comes with Xorg 7.2, KDE 3.5.7, Compiz-Fusion 0.5.2, support for Flash7, and much more. There are release notes, a changelog, and downloads.

"To be frankly i think the firewall GUI in PCBSD is such a "budenzauber". I would like to see pf blocking all incoming connections by default. Yet tcp{22,445, 139} ports are open. I expected to see all ports to be filtered. "

Filtered? No. Closed, please. There's a RFC (cannot remember which) that requires closed ports to reply with a RST packet if closed, or ACK if open, but replying nothing is not recommended. Instead, having all ports closed for incomming connections (sending RST on request) would be good. If someone needs (!) to enable a certain connection (e. g. to run a web server, a mail server or allow SSH connections), he should be smart enough to do it on his own. As far as I know, OpenBSD has all ports closed by default and needs enabling by the user afterwards, if intended.

SSH functionality enabled by default is not that bad because it cannot be used without knowledge of a valid user account (name + password). Port 139/tcp is "netbios-ssn" and 445/tcp is "microsoft-ds", what are these needed for? I wondered in PC-BSD versions prior to 1.4...

A frontend to form pf rulesets could be a good idea, allthough I'd like to mention that I've formed my few firewall rules many years ago and never needed to change them.